143.198.139.61 200 OK 395 kB URL User Request GET HTTP/1.1 IP 143.198.139.61:443
ASN #14061 DIGITALOCEAN-ASN
Certificate Issuer cPanel, Inc.
Subject arvest-bank.xyz
Fingerprint 77:F0:21:25:F8:C5:1D:8A:40:4D:50:8E:FD:CD:6E:4F:1D:03:5A:49
Validity Sat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (64343), with CRLF line terminators
Size 395 kB (395010 bytes)
Hash 50cb827190e4066f4e9a3878b1d52f78
5daf5d17600fc5b1f86c4c78bc3546c4b8d13de3
f2d3bd0a255db9381519e096f6e20ddb9bc4756cfd30956759bf210d1645b1c6
Analyzer Verdict Alert openphish phishing Arvest Bank
GET / HTTP/1.1
Host: arvest-bank.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Jun 2023 00:04:27 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.sectigo.com/
104.18.14.101 472 B IP 104.18.14.101:0
Hash 54f97ee84873d39e3a104c9369f341f7
c080765992839c51c60a082e2220d2fa4297eaa2
4ba664106695b6efbf00e1b784c6210d3df0121e4f1b43fab4ac2e9ce939ad02
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Jun 2023 00:04:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Jun 2023 17:40:50 GMT
Expires: Sat, 01 Jul 2023 17:40:49 GMT
Etag: "c080765992839c51c60a082e2220d2fa4297eaa2"
Cache-Control: max-age=408380,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7dd96ece7a27b50c-OSL
ocsp.sectigo.com/
104.18.15.101 472 B IP 104.18.15.101:0
Hash 54f97ee84873d39e3a104c9369f341f7
c080765992839c51c60a082e2220d2fa4297eaa2
4ba664106695b6efbf00e1b784c6210d3df0121e4f1b43fab4ac2e9ce939ad02
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Jun 2023 00:04:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Jun 2023 17:40:50 GMT
Expires: Sat, 01 Jul 2023 17:40:49 GMT
Etag: "c080765992839c51c60a082e2220d2fa4297eaa2"
Cache-Control: max-age=408380,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7dd96ece8f84b509-OSL
devilsms.live/page/bsc.js
199.188.200.254 200 OK 252 B URL GET HTTP/2 devilsms.live/page/bsc.js
IP 199.188.200.254:443
Certificate Issuer Sectigo Limited
Subject devilsms.live
Fingerprint 72:C0:D3:B1:19:FB:CD:8A:B3:B2:6D:62:78:A9:37:61:9F:B9:AA:6C
Validity Thu, 18 Aug 2022 00:00:00 GMT - Sat, 16 Sep 2023 23:59:59 GMT
Hash c51a63771d00b43dc487c3ac21e05422
7c75efbd4676583a24f6d5853d6a0816e187381e
d2b2efa177f6e43d960a3b401c85e6bfbab357b75a633f4b8f55e9e998992aee
GET /page/bsc.js HTTP/1.1
Host: devilsms.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://arvest-bank.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Jul 2023 00:04:28 GMT
content-type: application/javascript
last-modified: Mon, 08 May 2023 06:10:18 GMT
accept-ranges: bytes
content-length: 252
date: Tue, 27 Jun 2023 00:04:28 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
devilsms.live/cleave.js
199.188.200.254 200 OK 21 kB IP 199.188.200.254:443
Certificate Issuer Sectigo Limited
Subject devilsms.live
Fingerprint 72:C0:D3:B1:19:FB:CD:8A:B3:B2:6D:62:78:A9:37:61:9F:B9:AA:6C
Validity Thu, 18 Aug 2022 00:00:00 GMT - Sat, 16 Sep 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (1712)
Hash 3bbc061fb0ad251028998d5a611eff8e
e02e4f2220bd63e95045a79f6cf7ee0f530ec8e5
9d490665d6b1ea2dc13de64536164ce5b8efa60f17d32610cb97b57c823a466d
GET /cleave.js HTTP/1.1
Host: devilsms.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://arvest-bank.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Jul 2023 00:04:28 GMT
content-type: application/javascript
last-modified: Sun, 30 Jan 2022 13:07:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21221
date: Tue, 27 Jun 2023 00:04:28 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
devilsms.live/page/bsc/bsc_000064.js
199.188.200.254 200 OK 19 B URL GET HTTP/2 devilsms.live/page/bsc/bsc_000064.js
IP 199.188.200.254:443
Certificate Issuer Sectigo Limited
Subject devilsms.live
Fingerprint 72:C0:D3:B1:19:FB:CD:8A:B3:B2:6D:62:78:A9:37:61:9F:B9:AA:6C
Validity Thu, 18 Aug 2022 00:00:00 GMT - Sat, 16 Sep 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5c388856327f1afdb3c78f590c2aa63d
57b22dc19be4441d81296362254668b771170a0f
33e5e56cadf9dbe3715356335b7e3756b94675d4120ac220e351166e3a1e2b57
GET /page/bsc/bsc_000064.js HTTP/1.1
Host: devilsms.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://arvest-bank.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Jul 2023 00:04:28 GMT
content-type: application/javascript
last-modified: Wed, 17 May 2023 11:51:02 GMT
accept-ranges: bytes
content-length: 19
date: Tue, 27 Jun 2023 00:04:28 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
arvest-bank.xyz/favicon.ico
143.198.139.61 404 Not Found 315 B URL GET HTTP/1.1 arvest-bank.xyz/favicon.ico
IP 143.198.139.61:443
ASN #14061 DIGITALOCEAN-ASN
Certificate Issuer cPanel, Inc.
Subject arvest-bank.xyz
Fingerprint 77:F0:21:25:F8:C5:1D:8A:40:4D:50:8E:FD:CD:6E:4F:1D:03:5A:49
Validity Sat, 24 Jun 2023 00:00:00 GMT - Fri, 22 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish phishing Arvest Bank
GET /favicon.ico HTTP/1.1
Host: arvest-bank.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://arvest-bank.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 27 Jun 2023 00:04:29 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1